In its simplest form, a private TCP/IP network that securely shares information using Hypertext Transfer Protocol (HTTP) and other Internet protocols with business partners such as vendors, suppliers, and wholesale customers.
An extranet is thus a corporate intranet that is exposed over the Internet to certain specific groups that need access to it. Extranets built in this fashion follow the client/server paradigm, with Web servers such as Microsoft Internet Information Services (IIS) functioning as the server, and Web browsers such as Microsoft Internet Explorer functioning as the client. Other extranet models exist, however, such as a peer-to-peer business connection for electronic data interchange (EDI).
Extranets are a powerful tool because they let businesses share resources on their own private networks over the Internet with suppliers, vendors, business partners, or customers. Extranets are typically used for supporting real-time supply chains, for enabling business partners to work together, or to share information such as catalogs with customers.
The power of the extranet is that it leverages the existing technology of the Internet to increase the power, flexibility, and competitiveness of businesses utilizing well-known and easily used tools such as Web servers and Web browsers. Extranets also save companies money by allowing them to establish business-to-business connectivity over the Internet instead of using expensive, dedicated leased lines. Extranets can also save money by reducing phone and fax costs.
Peer-to-peer extranets between business partners typically use virtual private networks (VPNs) to establish secure, encrypted communication over the unsecured public Internet for the transmission of sensitive business information, such as EDI between partners, or between headquarters and branch offices.
These extranets act as dedicated gateways between business partners and generally do not allow private access to individual users. Peer-to-peer extranets can use Internet Protocol Security (IPSec) with a public key infrastructure (PKI) to provide IP-based authentication and encrypted transmission of information.
Client/server extranets have different requirements, as individual users need to be authenticated before receiving secure, encrypted access to company resources. Instead of authenticating on the basis of IP addresses as in peer-to-peer extranets, users must be authenticated using user accounts or digital certificates mapped to accounts.
Client/server extranets might support HTTP access only or might allow other client/server applications to run. Encryption for HTTP access is performed using the Secure Sockets Layer (SSL) protocol.